
2018 | OriginalPaper | Book chapter

GuardION: Practical Mitigation of DMA-Based Rowhammer Attacks on ARM

Written by: Victor van der Veen, Martina Lindorfer, Yanick Fratantonio, Harikrishnan Padmanabha Pillai, Giovanni Vigna, Christopher Kruegel, Herbert Bos, Kaveh Razavi

Published in: Detection of Intrusions and Malware, and Vulnerability Assessment

Publisher: Springer International Publishing


Abstract

Over the last two years, the Rowhammer bug transformed from a hard-to-exploit DRAM disturbance error into a fully weaponized attack vector. Researchers demonstrated exploits not only against desktop computers, but also used single bit flips to compromise the cloud and mobile devices, all without relying on any software vulnerability.
Since hardware-level mitigations cannot be backported, a search for software defenses is pressing. Proposals made by both academia and industry, however, are either impractical to deploy, or insufficient in stopping all attacks: we present RAMpage, a set of DMA-based Rowhammer attacks against the latest Android OS, consisting of (1) a root exploit, and (2) a series of app-to-app exploit scenarios that bypass all defenses.
To mitigate Rowhammer exploitation on ARM, we propose GuardION, a lightweight defense that prevents DMA-based attacks—the main attack vector on mobile devices—by isolating DMA buffers with guard rows. We evaluate GuardION on 22 benchmark apps and show that it has a negligible memory overhead (2.2 MB on average). We further show that we can improve system performance by re-enabling higher order allocations after Google disabled these as a reaction to previous attacks.


Metadata
Title
GuardION: Practical Mitigation of DMA-Based Rowhammer Attacks on ARM
Written by
Victor van der Veen
Martina Lindorfer
Yanick Fratantonio
Harikrishnan Padmanabha Pillai
Giovanni Vigna
Christopher Kruegel
Herbert Bos
Kaveh Razavi
Copyright year
2018
DOI
https://doi.org/10.1007/978-3-319-93411-2_5